Re: What is "certificate"? (was: what are realistic threats?)

• To: datkins <datkins@procyon.unm.edu>
• Subject: Re: What is "certificate"? (was: what are realistic threats?)
• From: Hapeman Dale <hapemand@asq8.bah.com>
• Date: Mon, 10 Oct 94 11:15:00 edt
• Cc: "'www-security'" <www-security@ns1.rutgers.edu>
• Reply-To: Hapeman Dale <hapemand@asq8.bah.com>

>From: datkins
>To: Hapeman Dale
>Cc: 'www-security'
>Subject: Re: What is "certificate"? (was: what are realistic threats?)
>Date: Monday, October 10, 1994 7:42AM
>
>I'm late getting into this discussion; what can I read to get up to speed
>on all this?

My reference is to CCITT X..509.  It is an ISO standard (The 1988 version 
 was called the Blue Book).  It can be bought (sorry) from the National 
Technical Exchange Service. See their Anonymous FTP server at 
ftp.fedworld.gov or call (703) 487-4650.  Try the PEM RFC's also (1422-1424 
is a guess).

>>
>> How are these bound together?  Because the issuer of my certificate signs 

>> the bits that make up my certificate.  My certificate can not be altered
>> without invalidating my issuer's signature.
>>
>> Now, you can validate my signature using my public key and know it came 
from
>> me because the issuer of my certificate says that that public key belongs 
to
>> me. The only thing my issuer has effectively "certified" is that I am the 

>> person who signed whatever it is I sent you.  You can verify the issuer's 

>> signature on my certificate by gaining access to his certificate (and his 

>> public key).
>>
>> Why should you put am credence in my issuer's signature?  Somebody issued 

>> and signed his certificate verifying that his public key (the one you 
used
>> to verify his signature) does indeed belong to him.  That somebody
>> "certified" that he is really the person who used the public key that 
signed
>> my certificate.
>
>This is all fine, but I seemed to have missed how the issuer verifies the
>contents of a document.  It would seem that would become the weak link in 
all
>this.  Not that I cant trust my issuer, but how does an issuer, with
>confidence(100%), validate a document?  If an issuer cant give you that
>degree of confidence then how can you ever trust the certification?
>Another foolish question is what is an issuer.  What entity is it?
>
You have hit on the essence of my point.  The issuer of a certificate makes 
absolutely no assertion with respect to the validity of a document (or any 
statements made in a document, or credit history, etc.).  The issuer is only 
verifying that THIS public key material  does indeed belong to the person 
named in this certificate.

Who or what the issuer is is determined by the infrastructure proposed by 
the people who do the proposing :-) .  This is what needs to be decided. 
 What method of certificate validation infrastructure will be used for 
secure (authenticated) WWW exchanges?  Here are some possible examples:

     1) Joe Schmoe could issue you a certificate (if the cryptography 
allowed this).  Joe's friend could issue him his certificate, Joe's friend's 
friend could issue Joe's friend's certificate. And so on.  Someone else 
trying to validate your certificate becomes a process of them trying to find 
some issuer in your path that they trust.  There is no assurance that this 
is possible.  I think this is the method used by PGP.

     2)  You could have a "Certification Authority".  This entity would 
issue all of the certificates in your group (company, city, house, etc.). 
 Your Certification Authority (call it "level one") would certified by it's 
Certification Authority (call it "level two").  The level two Certification 
Authority would issue all of the certificates for all of the level one 
Certification Authorities in a larger group.  And so on.  This creates a 
formal higherarchy of Certification Authorities (CA's).  Someone else trying 
to validate your certificate becomes a process of them trying to find some 
issuer in your path that they trust.  Since there is a formal tree of CA's, 
it becomes much more likely that they can find a CA they trust.  In fact, a 
CA in their higherarchy MAY be a CA in your higherarchy. If not, CA's can 
"cross certify"  each other. In this method, there are multiple 
higherarchies with no guarantee of a common point.  I think this is the 
method used by PEM.

     3) The last case just guarantees a common point in the higherarchy, 
 usually the top.  There is ONE higherarchy (tree), and the top is called 
the ROOT.  There are rumblings that the Post Office might be that ROOT (and 
all of the tree to)!

This brings us back to the point.  You will go to the Post Office to get 
your private key and your certificate.  The Post Office will verify that you 
are you and sign your certificate.  Just like when you go to the Post Office 
to get a passport - you show them your Drivers License and Birth Certificate 
to prove that you are you - not that you will not smuggle dope.

>drex
>
>        ---------------
>        datkins@unm.edu 
                                        "tight-lines"
>        CIRT-ACS  University of New Mexico
>        ----------------------------------

Dale Hapeman

• Previous: Re: What is "certificate"? (was: what are realistic threats?)
• Next: Re: What is "certificate"?
• Index(es):
  • Index
  • Thread